On July 30, the Curve Finance DeFi platform lost up to $50 million as a result of a hacking incident. The attack was made possible by a vulnerability found in smart contracts, allowing the attacker to steal funds from several pools.
What happened
Yesterday, CRV, wETH, alETH, msETH, pETH, and WBNB were stolen from Curve. The exact extent of the loss is still under assessment, and different analytical companies provide varying figures. According to PeckShield, the damage amounts to nearly $52 million, while BlockSec cites a figure of about $41 million.
Here are the details of the attack:
😢 The attacker exploited the old versions of the Vyper compiler, which incorrectly implemented protection against reentrancy attacks.
🤖 Vyper is a high-level programming language used for Ethereum smart contracts, and the compiler needs to translate this language into low-level machine code that a computer's processor can understand.
🦹 The hacker drained funds from a contract by simultaneously calling the same functions, which should have been prevented by Vyper compiler’s security settings, but this protection did not function as intended.
Vyper developers confirmed the existence of the vulnerability and urged projects running on older versions of the language to contact them for resolution.
Ironically, just a few days before the hack, the founder of Curve Finance, Michael Egorov, tweeted that he was surprised that the DeFi hacks had not yet affected his platform.
CRV reaction
The news of the hack led to a drop in the platform's token, CRV, which experienced an 11% decrease in price within a day. At the moment, the token is valued at $0.59.
What is Curve Finance
Curve Finance is a decentralized exchange (DEX) built on the Ethereum blockchain, launched in January 2020. The platform is optimized for efficient and low-cost trading of stablecoins and their wrapped versions, resulting in minimal slippage (the difference between an expected and a real trade price), making Curve attractive for large trades who would suffer from high slippage on other DEXs.
In addition to trading, users can earn rewards by providing liquidity to the platform's pools and participate in governance decisions by staking their CRV tokens (native governance tokens of Curve Finance).
Currently, Curve Finance operates on Ethereum, Polygon, Arbitrum, Optimism.
About reentrancy attacks
A reentrancy attack is a type of vulnerability in smart contracts that enables an attacker to drain funds from a contract by repeatedly calling a function in a way unintended by the contract's developers. The vulnerability in certain old versions of the Vyper compiler allowed the attacker to steal funds in this manner.
Imagine a piggy bank 🐷 that gives out coins but updates its count only after it has distributed the coins. Now, envision a sneaky kid 😏 who asks for a coin and quickly asks for another before the piggy bank can update. The piggy bank might give out more coins than intended because it thinks it still has the first coin.
Vyper is a programming language designed for Ethereum smart contracts, prioritizing security, simplicity, and auditability in its development.
A compiler is a special type of computer program that translates code written in one programming language into another language. The most common use of compilers is to convert source code written in a high-level programming language (like Python, Vyper, or Solidity) into low-level machine code that a computer's processor can directly execute.
In certain versions of the Vyper compiler employed by Curve, the implementation of reentrancy attack protection is flawed. In theory, the intended mechanism is to prevent several functions from being executed simultaneously by locking the contract. But in fact, this protection does not work correctly, and the hacker took advantage of it.
The vulnerability arises when a contract sends ETH as part of a function before resolving essential internal state changes. If the contract state is not updated promptly, and the function can be called again before the first function call completes, it creates a vulnerability that can be exploited by attackers.
Here is more info about a reentrancy vulnerability, and a technical analysis of the hack is in this thread.
